﻿<%@ codepage=65001%><% 'UTF-8%>

<% '商品管理%>
<!--#include file="../Include/Common.All.asp"-->
<!--#include file="../Include/Conn.asp"-->
<% call OpenConn%>

<!--#include file="../Include/Common.Security.asp"-->
<!--#include file="../Include/MD5.asp"-->
<!--#include file="../Include/JSON_2.0.2.asp"-->
<!--#include file="../Include/JSON_UTIL_0.1.1.asp"-->



<%

	'定义json对象
	Dim jsonObj,jsonObj_user
	Set jsonObj = jsObject()
	Set jsonObj_user = jsObject()
	UserID=ReplaceBadChar(Trim(Session("UserID")))
	
	dim act 
  act=request("act")

 	Dim rsObj,strSql,strSqlTemp
 	''定义查询字段变量
 	dim UserName,UserType,UserID,TrueName,NickName ,user_roles
 	''影响的记录条数
 	Dim  RowCount 
	Dim page ''当前查询页
	''查询信息列表
	if "search"=act then
		page=ReplaceBadChar(Trim(request.Form("page")))&""

		UserName=ReplaceBadChar(Trim(request.Form("UserName")))
		UserType=ReplaceBadChar(Trim(request.Form("UserType")))
				
		jsonObj("rslist") = ""
		''添加用户信息
		jsonObj_user("UserID") = UserID 
		jsonObj_user("UserName") =ReplaceBadChar(Trim(Session("UserName")))
		Set jsonObj("customer") = jsonObj_user 
	 
		''添加查询结果信息，按照菜单排序
		''Dim rsObj,strSql 
		strSql = "SELECT top 100 PERCENT UserID as id ,UserID, GroupID, ClientID, UserType, UserName, Email, Mobile, TrueName ,NickName  "
		strSql=strSql & " , UserTypeName =   (CASE   WHEN 1 = UserType THEN '个人用户' WHEN 0 = UserType THEN '管理员'  WHEN 2 = UserType THEN '企业用户'  END ) "
		strSql=strSql & "  FROM PE_User "   & "WHERE 1=1 "
		If (UserName <> "") Then strSql=strSql & " and UserName like '%" & UserName & "%'  "
		If (UserType <> "") Then strSql=strSql & " and UserType = '" & UserType & "'  "
		strSql=strSql & " ORDER BY id  "
	
			
		dim TotalRsNum ,PageSizeCur''TotalRsNum总记录数''PageSizeCur当前页记录数
		strSqlTemp = "select count(*)  from ( " & strSql & " ) kksds "
		TotalRsNum = PE_CLng(Conn.Execute(strSqlTemp)(0))
		''PageSize 页的记录数量
		PageSizeCur = PageSize ''当前页记录数
		if (PageSize*PE_CLng(page)>TotalRsNum or 0=TotalRsNum) then ''判断最后一页记录数是否和PageSize相等
			PageSizeCur= TotalRsNum Mod PageSize ''该页的时间记录数
		end if

		strSqlTemp = " SELECT ttkkk.* FROM (SELECT TOP " & CStr(PageSizeCur)
		strSqlTemp = strSqlTemp & "  mmsss.* FROM (SELECT TOP " & CStr(PageSize*PE_CLng(page)) & " nnfff.* FROM ( " 
		strSqlTemp = strSqlTemp &	strSql  
		strSqlTemp = strSqlTemp &  " ) nnfff) mmsss  ORDER BY mmsss.id DESC) ttkkk ORDER BY ttkkk.id"

		Set jsonObj("rslist") = QueryToJSON(Conn, strSqlTemp)
		
		''添加分页信息
		'定义json对象
		Dim jsonObj_page
		Set jsonObj_page = jsObject()
			jsonObj_page("PageCur") = Page ''当前页	
			jsonObj_page("PageSizeCur") = PageSizeCur ''当前页记录数
			if (0=TotalRsNum  mod PageSize  ) then
				jsonObj_page("PageTotalNum")= TotalRsNum\PageSize''总页数
			else
				jsonObj_page("PageTotalNum")= TotalRsNum\PageSize+1''总页数
			end if
		Set jsonObj("page") = jsonObj_page 
	 
			
 	elseif "add"=act then
 			jsonObj("msg") = "&#x64CD;&#x4F5C;&#x5931;&#x8D25;&#xFF0C;&#x8BF7;&#x91CD;&#x8BD5;..."'''' "操作失败，请重试..."
			jsonObj("success") = 0'"false"

''添加信息
			UserID=ReplaceBadChar(Trim(request.Form("UserID")))
			UserType=ReplaceBadChar(Trim(request.Form("UserType")))
			UserName=ReplaceBadChar(Trim(request.Form("UserName")))
			TrueName=ReplaceBadChar(Trim(request.Form("TrueName")))
			NickName=ReplaceBadChar(Trim(request.Form("NickName"))) 
 
			''Dim rsObj,strSql
			set rsObj=Server.CreateObject("ADODB.Recordset")
			strSql = "Select  * from PE_User where UserID='"&UserID&"' "
			''Response.Write strSql&"-----"
			rsObj.Open strSql, Conn, 1, 3
			If rsObj.BOF And rsObj.EOF Then 
				rsObj.AddNew '如果没记录新增，有记录update	
				strSql = "select ISNULL(MAX(UserID), 0)   from PE_User  "
				UserID = PE_CLng(Conn.Execute(strSql)(0)) + 1
			end if				
			rsObj("UserID") = UserID
			rsObj("UserType") = UserType
			rsObj("UserName") = UserName
			rsObj("TrueName") = TrueName
			rsObj("NickName") = NickName
			rsObj.Update
			rsObj.close
			Set rsObj = Nothing
		 
			jsonObj("msg") = "&#x6DFB;&#x52A0;&#x6210;&#x529F;&#xFF0C;&#x6B63;&#x5728;&#x8DF3;&#x8F6C;..." ''' "添加成功，正在跳转..."
			jsonObj("success") = 1'"success"
			jsonObj("url") = "product.asp"
	 	 		
 elseif "edit"=act then
 			jsonObj("msg") = "&#x64CD;&#x4F5C;&#x5931;&#x8D25;&#xFF0C;&#x8BF7;&#x91CD;&#x8BD5;..." '''"操作失败，请重试..."
			jsonObj("success") = 0'"false"
			
 
''修改信息
			UserID=ReplaceBadChar(Trim(request.Form("UserID")))
			UserType=ReplaceBadChar(Trim(request.Form("UserType")))
			UserName=ReplaceBadChar(Trim(request.Form("UserName")))
			TrueName=ReplaceBadChar(Trim(request.Form("TrueName")))
			NickName=ReplaceBadChar(Trim(request.Form("NickName"))) 
			user_roles=ReplaceBadChar(Trim(request.Form("user_roles"))) 
			
 
			''Dim rsObj,strSql
			set rsObj=Server.CreateObject("ADODB.Recordset")
			strSql = "Select  * from PE_User where UserID='"&UserID&"' "
			''Response.Write strSql&"-----"
			rsObj.Open strSql, Conn, 1, 3
			If rsObj.BOF And rsObj.EOF Then 
				jsonObj("msg") = "&#x64CD;&#x4F5C;&#x5931;&#x8D25;&#xFF0C;&#x8BF7;&#x91CD;&#x8BD5;..." ''' "操作失败，请重试..."
				jsonObj("success") = 0'"false"
			else				
				'rsObj("UserID") = UserID
				rsObj("UserType") = UserType
				rsObj("UserName") = UserName
				rsObj("TrueName") = TrueName
				rsObj("NickName") = NickName
				rsObj.Update
				rsObj.close
				
				''删除该用户原有的角色，添加现有已经选中的角色
			  RowCount = 0
		    Conn.Execute ("delete from T_USER_ROLE where user_id='"&UserID&"'"), RowCount		    	
		    ''添加选中的角色
				strSql =" INSERT INTO T_USER_ROLE (role_id, user_id) "
				strSql =strSql & " SELECT id, "&UserID&" AS role_user_id "
				strSql =strSql & " FROM T_ROLE WHERE 1=2 "
				If ("" <> user_roles ) Then  strSql =strSql & " or id IN ("&user_roles&")  "
		    Conn.Execute (strSql), RowCount		 
				
			 
				jsonObj("msg") = "&#x6DFB;&#x52A0;&#x6210;&#x529F;&#xFF0C;&#x6B63;&#x5728;&#x8DF3;&#x8F6C;..."'' "添加成功，正在跳转..."
				jsonObj("success") = 1'"success"
				jsonObj("url") = "users.asp"
	 		end if	

			Set rsObj = Nothing
 
 elseif "delete"=act then
''删除记录
		UserID=ReplaceBadChar(Trim(request.Form("UserID"))) 
    
    RowCount = 0
    If (id <> "" ) Then 
    	Conn.Execute ("delete from PE_User where UserID='"&UserID&"'"), RowCount
    End If
    If RowCount = 0 Then
        jsonObj("success") = 0 'false
        jsonObj("msg") = "&#x8BB0;&#x5F55;&#x5220;&#x9664;&#x5931;&#x8D25;&#x3002;" '''' "记录删除失败。" 
    Else
        jsonObj("msg") = 	"&#x5220;&#x9664;&#x6210;&#x529F;&#xFF0C;&#x6B63;&#x5728;&#x8DF3;&#x8F6C;..." ''''"删除成功，正在跳转..." 
				jsonObj("success") = 1'"success"
				jsonObj("url") = "product.asp"
    End If
  

	end If''''删除记录
 

	'输出json对象
	jsonObj.Flush
	''Response.Write strSql&"-----"
 '释放数据库链接
	call CloseConn

''{
''    rslist : [ { name: "mac", desc: "computer",     
''                   price: 1000, quantity: 100, alert:null },
''                 { name: "ipod", desc: "music player", 
''                   price:  200, quantity: 200, alert:"on sale now!" },
''                 { name: "cinema display", desc: "screen",       
''                   price:  800, quantity: 300, alert:"best deal!" } ],
''    customer : { first: "John", last: "Public", level: "gold" }
''}

%>